Skip to content

fix: password reset #25753

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 3 commits into from
Closed

fix: password reset #25753

wants to merge 3 commits into from

Conversation

@owencraston
Copy link
Contributor

@owencraston owencraston commented Jul 10, 2024
edited
Loading

Description

  1. What is the reason for the change?
  • This fix addresses a user facing bug in production
  • When a user locks the wallet and goes through the forget password flow, the wallet is not accessible with the new password. Instead the user must use the old password to unlock the wallet.
  • This is a bug in the keyring controller because the encryptionKey gets generated with the old password and is not reset when the user locks the wallet and generates a new password.
  1. What is the improvement/solution?
  • This fix patches the keyring controller such that when the user locks the wallet the encryption key gets cleared
  • We also clear the encryption key in the#createNewVaultWithKeyring to ensure a new encryption key is generated with the new password when the user logs in again and submitPassword is called.
  • This patch will be removed once this PR ships in the keyring controller library

Open in GitHub Codespaces

Related issues

Fixes: #25696

Manual testing steps

  • Open the extension
  • Proceed to Forget password flow
  • Paste your secret recovery phrase
  • Set a new different password
  • Proceed to Restore your Wallet
  • After entering the account, lock it and try to login with the new password
  • It will throw an Invalid password error

Screenshots/Recordings

Before

346117392-0de00905-ee01-4241-a90e-da60c5eb0976.mov

After

Screen.Recording.2024-07-10.at.2.51.03.PM.mov

Pre-merge author checklist

Pre-merge reviewer checklist

  • I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
  • I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

@github-actions
Copy link
Contributor

github-actions bot commented Jul 10, 2024

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

@metamaskbot
Copy link
Collaborator

metamaskbot commented Jul 10, 2024

Builds ready [bdd78df]
Page Load Metrics (177 ± 235 ms)
PlatformPageMetricMin (ms)Max (ms)Average (ms)StandardDeviation (ms)MarginOfError (ms)
ChromeHomefirstPaint734701158340
domContentLoaded99031189
load452306177489235
domInteractive99031189
Bundle size diffs [🚨 Warning! Bundle size has increased!]
  • background: 0 Bytes (0.00%)
  • ui: 0 Bytes (0.00%)
  • common: 114 Bytes (0.00%)

@codecov
Copy link

codecov bot commented Jul 10, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 69.77%. Comparing base (5ee57a6) to head (bdd78df).
Report is 23 commits behind head on develop.

Additional details and impacted files 
@@             Coverage Diff             @@
##           develop   #25753      +/-   ##
===========================================
- Coverage    69.77%   69.77%   -0.00%     
===========================================
  Files         1376     1378       +2     
  Lines        48403    48539     +136     
  Branches     13348    13387      +39     
===========================================
+ Hits         33773    33866      +93     
- Misses       14630    14673      +43

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@owencraston owencraston mentioned this pull request Jul 10, 2024
Merged
3 tasks
@owencraston owencraston added the team-accounts-framework Accounts Framework team label Jul 10, 2024
@owencraston owencraston marked this pull request as ready for review July 10, 2024 22:05
@owencraston owencraston requested a review from a team as a code owner July 10, 2024 22:05
@sonarqubecloud
Copy link

sonarqubecloud bot commented Jul 10, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@owencraston owencraston requested review from Gudahtt and gantunesr July 10, 2024 22:19
@gantunesr gantunesr changed the title fix: The new password is not recognized; Metamask only accepts the old password after wallet reset fix: password reset Jul 10, 2024
@owencraston owencraston deleted the fix/password-reset branch July 11, 2024 20:38
@github-actions github-actions bot locked and limited conversation to collaborators Jul 11, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@Gudahtt Gudahtt Awaiting requested review from Gudahtt

@gantunesr gantunesr Awaiting requested review from gantunesr

Assignees

No one assigned

Labels

team-accounts-framework Accounts Framework team

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Bug]: The new password is not recognized; Metamask only accepts the old password after wallet reset

3 participants

@owencraston @metamaskbot